Description

A race condition was found in the way the PolicyKit pkcheck utility
checked process authorization when the process was specified by its
process ID via the --process option. A local user could use this flaw to
bypass intended PolicyKit authorizations and escalate their privileges
(CVE-2013-4288).
Note: Applications that invoke pkcheck with the --process option need to
be modified to use the pid,pid-start-time,uid argument for that option, to
allow pkcheck to check process authorization correctly.
Because of the change in the PolicyKit API, the spice-gtk (CVE-2013-4324),
hplip (CVE-2013-4325), rtkit (CVE-2013-4326), and systemd (CVE-2013-4327)
packages have been updated to use a different API that is not affected by
this PolicyKit vulnerability. The libvirt package will also be updated
for the same reason, but this update will come in a separate advisory.